Enforce Security Policy Compliance

Enforce your organization's security policies on all devices seeking network access. Cisco Network Admission Control (NAC) allows only compliant and trusted endpoint devices, such as PCs, servers, and PDAs, onto the network, restricting the access of noncompliant devices, and thereby limiting the potential damage from emerging security threats and risks. Cisco NAC gives organizations a powerful, roles-based method of preventing unauthorized access and improving network resiliency.

Business Benefits

Security policy compliance: Ensures that endpoints conform to security policy; protects infrastructure and employee productivity; secures managed and unmanaged assets; supports internal environments and guest access; tailors policies to your risk level
Protects existing investments: Is compatible with third-party management applications; flexible deployment options minimize need for infrastructure upgrades
Mitigates risks from viruses, worms, and unauthorized access: Controls and reduces large-scale infrastructure disruptions; reduces OpEx and helps enable higher IT efficiency; integrates with other Cisco Self-Defending Network components to deliver comprehensive security protection

NAC Deployment Scenarios

Cisco NAC can be deployed in all infrastructure scenarios, including corporate LAN, WAN, wireless, and remote access (VPN). Cisco NAC deployments include the following options:

Cisco NAC Appliance is the recommended deployment solution for most customers. It is an appliance-based product that provides

Rapid deployment
Self-contained endpoint security posture assessment
Policy management
Integration with identity, remediation, and other services

Cisco NAC Appliance In-Band Option

This is the ideal option for wireless, remote access, and branch office applications, and works in heterogeneous network environments.

Cisco NAC Appliance Out-of-Band Option

This option is ideal for larger campus LAN deployments in which enforcement is controlled at the switch. Cisco NAC Out-of-Band can be combined with the Cisco NAC In-Band deployment option.

Cisco NAC Framework, through the Cisco Network Admission Control Partner Program, provides the option of integrating an intelligent network infrastructure with solutions from more than 75 manufacturers of leading antivirus and other security and management software.

NAC Deployment Services (PDF)
Cisco Security NAC Services provide rigorous requirements analysis, planning, design, and implementation consulting—essential to deploying an effective NAC solution.

University Protects Network Resources

Virginia Commonwealth University uses Cisco Network Admission Control to defend its network.

> View Video

Simplify Management and Operations with Expanded NAC Options

Learn about the capabilities of the new NAC Network Module for Cisco Integrated Services Routers and the new NAC Profiler.

> Go Now

Webcast Series: Security in Today's Branch

Design, deploy, and operate integrated security for your branch network.

>View Now

Hierarchical Navigation

Network Admission Control

Introduction

Enforce Security Policy Compliance

Business Benefits

NAC Deployment Scenarios

Cisco NAC Appliance In-Band Option

Cisco NAC Appliance Out-of-Band Option

Featured Content

University Protects Network Resources

Simplify Management and Operations with Expanded NAC Options

Webcast Series: Security in Today's Branch

Learn More

Additional Resources

Solutions

Hierarchical Navigation

Network Admission Control

Introduction

Enforce Security Policy Compliance

Business Benefits

NAC Deployment Scenarios

Cisco NAC Appliance In-Band Option

Cisco NAC Appliance Out-of-Band Option

Featured Content

University Protects Network Resources

Simplify Management and Operations with Expanded NAC Options

Webcast Series: Security in Today's Branch

Learn More

Additional Resources

Solutions

Related Tools

Related Links

Industry Solutions

Products & Services

Solutions